Stacked on PR #2883
There will be more changes after this PR, these features are still
broken:
- Can't change filter at runtime yet, you have to restart the client app
- connlib and GUI are sending logs to the same connlib logs files, they
should be separated
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
This reduces the failover time by depending on webrtc's keepalive
instead of wireguard's.
We have much more control over that, since boringtun doesn't bubble up
any of the keepalives timeout(only a trace warning).
In the a next commit, when things are more stable, we should just get
rid of wireguard's keep alive. When we remove webrtc we will build our
own.
Events based on `keepalive` timeouts are key to our failover system, so
we **need** it.
Draft because it's built on top of #2891 (which is completely separate
code but without that the failover just doesn't work correctly)
<img width="1552" alt="Screenshot 2023-12-12 at 11 29 43 PM"
src="https://github.com/firezone/firezone/assets/167144/d517c830-64a8-462d-8cb5-c41835fa2059">
Found a reliable way to return default system DNS resolvers on iOS and
macOS. Even if this method is not perfect, I think it's still worth
pursuing because:
* Many administrators will set an upstream resolver in the portal anyway
(bypassing client system resolvers)
* It unifies our Split DNS approach across platforms (assuming we can
query the default system resolvers on Windows), allowing connlib to
intercept all DNS queries on all platforms. This opens the door for some
interesting feature possibilities in the area of malicious query
blocking. This also makes DNS bugs easier to investigate because there's
only one codepath for packets to take. See
https://github.com/firezone/firezone/issues/2859
Draft because it needs more testing and I need to figure out the
`RustVec<RustString>` type for the Swift -> Rust FFI.
Refs #2713
When a peer expired the os might have cached the old internal ips that
we used, then with a new peer we were assigning new ips and that cached
ip might have been wrong, then the tunnel would be in state where it
would send the wrong response to this ips.
With this PR we try to always reuse the old ip if there's any available.
Previously, we just expected the portal to disconnects us and 401 on the
retry, right now we harden that behaviour by also just disconnecting
when token expiration.
This seems to work, there's another part to this which is not only
handling the replies but also handling the message generated by the
portal, I'll implement that when I can easily test expirying tokens, for
now this makes the client much more stable.
just silly but important mistake 😛fixes#2858 and #2859 (though there might be an additional edge case in
#2859 where the upstream server is set as a dns, though it seems to work
some further testing would be good)
At present, the definition of `Device` is heavily nested with
conditional code. I've found this hard to understand and navigate.
Recent refactorings now made it possible to remove a lot of these layers
so we primarily deal with two concepts:
- A `Device` which offers async read and non-blocking write functions
- A `Tun` abstraction which is platform-specific
Instead of dedicated modules, I chose to feature-flag individual
functions on `Device` with `#[cfg(target_family = "unix")]` and
`#[cfg(target_family = "windows")]`. I find this easier to understand
because the code is right next to each other.
In addition, changing the module hierarchy of `Device` allows us to
remove `async` from the public API which is only introduced by the use
of `rtnetlink` in Linux. Instead of making functions across all `Tun`
implementations `async`, we embed a "worker" within the `linux::Tun`
implementation that gets polled before `poll_read`.
---------
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
It'll show UAC when you first run the app. After that we can open and
close the VPN network adapter without showing more UAC dialogs since we
have sudo powers.
Fixes: #2854.
Note: this is ready for review but reproducing the bug that triggered
the fix takes ~1 hour or so, so I would like to wait to check that's
fixed.
Can be reviewed meanwhile.
It doesn't run with `--example` because Tauri's build process doesn't
seem to be compatible with that.
But it does build the permissions test exe in CI. I might change that a
general test exe later so that I don't have to add more build targets.
It adds about 5 minutes to the CI, sccache only seems to speed up the
build for the 2nd exe a tiny bit.
This PR changes the protocol and adds support for DNS subdomains, now
when a DNS resource is added all its subdomains are automatically
tunneled too. Later we will add support for `*.domain` or `?.domain` but
currently there is an Apple split tunnel implementation limitation which
is too labor-intensive to fix right away.
Fixes#2661
Co-authored-by: Andrew Dryga <andrew@dryga.com>
Many of these commits are in #2757 too.
This has changes like:
- Local webserver PoC
- API token is received from `firezone://` app link, saved in Windows
cred manager, and reloaded on future runs
- connlib GUI integration PoC
- Placeholder for Export Logs feature (just need to actually write the
zip file, and enable/disable the GUI buttons correctly)
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Bumps
[org.jetbrains.kotlin:kotlin-stdlib](https://github.com/JetBrains/kotlin)
from 1.9.20 to 1.9.21.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/JetBrains/kotlin/releases">org.jetbrains.kotlin:kotlin-stdlib's
releases</a>.</em></p>
<blockquote>
<h2>Kotlin 1.9.21</h2>
<h2>Changelog</h2>
<h3>Compiler</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62885"><code>KT-62885</code></a>
Introduce a language feature entry for expect actual classes for easier
configuration of MPP projects</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63081"><code>KT-63081</code></a>
Optimize new native caches:
CachedLibraries.computeVersionedCacheDirectory()</li>
</ul>
<h3>Docs & Examples</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-55619"><code>KT-55619</code></a>
Document <code>String.format</code> function</li>
</ul>
<h3>IDE. Gradle Integration</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62877"><code>KT-62877</code></a>
Artifact files collecting for project configuration was finished.
Resolution for configuration configuration X will be skipped</li>
</ul>
<h3>IDE. Gradle. Script</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-60813"><code>KT-60813</code></a>
Scripts: NoSuchMethodError: 'void
org.slf4j.Logger.error(java.lang.String, java.lang.Object)' when
dependency uses Slf4j API</li>
</ul>
<h3>JavaScript</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-60785"><code>KT-60785</code></a>
KJS: Destructured value class in suspend function fails with Uncaught
TypeError: can't convert to primitive type error</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63207"><code>KT-63207</code></a>
KMP / JS: "TypeError: <!-- raw HTML omitted --> is not a
function" with 1.9.20</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62778"><code>KT-62778</code></a>
package.json "main" field has .js extension when the result
files have .mjs extension</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-61795"><code>KT-61795</code></a>
KJS: Incremental Cache is not invalidated if <code>useEsClasses</code>
compiler argument was changed</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-61957"><code>KT-61957</code></a>
KJS: "Uncaught ReferenceError: entries is not defined" caused
by enum class with <code>@JsExport</code> and Enum.entries call</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62444"><code>KT-62444</code></a>
KJS with commonJS modules should re-export in 1.9.20</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63184"><code>KT-63184</code></a>
KJS / Serialization: JsExport on serializable interface creates
erroneous TypeScript</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62190"><code>KT-62190</code></a>
KJS: "IllegalStateException: Expect to have either super call or
partial linkage stub inside constructor" caused by Compose and
useEsModules()</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-58685"><code>KT-58685</code></a>
KJS: "IllegalStateException: Not locked" cused by
"unlock" called twice</li>
</ul>
<h3>Klibs</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62515"><code>KT-62515</code></a>
Interop klib of concurrent version is not accepted when building
dependent project: "The library versions don't match"</li>
</ul>
<h3>Tools. CLI</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63139"><code>KT-63139</code></a>
Incorrect kotlin implementation version (1.9.255-SNAPSHOT) in metadata
info</li>
</ul>
<h3>Tools. Gradle</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63499"><code>KT-63499</code></a>
Gradle: Source sets conventions are still registered</li>
</ul>
<h3>Tools. Gradle. JS</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-59523"><code>KT-59523</code></a>
MPP / KJS: ESM modules uses incorrect file extension on package.json
(.mjs)</li>
</ul>
<h3>Tools. Gradle. Kapt</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md">org.jetbrains.kotlin:kotlin-stdlib's
changelog</a>.</em></p>
<blockquote>
<h2>1.9.21</h2>
<h3>Compiler</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62885"><code>KT-62885</code></a>
Introduce a language feature entry for expect actual classes for easier
configuration of MPP projects</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63081"><code>KT-63081</code></a>
Optimize new native caches:
CachedLibraries.computeVersionedCacheDirectory()</li>
</ul>
<h3>Docs & Examples</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-55619"><code>KT-55619</code></a>
Document <code>String.format</code> function</li>
</ul>
<h3>IDE. Gradle Integration</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62877"><code>KT-62877</code></a>
Artifact files collecting for project configuration was finished.
Resolution for configuration configuration X will be skipped</li>
</ul>
<h3>IDE. Gradle. Script</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-60813"><code>KT-60813</code></a>
Scripts: NoSuchMethodError: 'void
org.slf4j.Logger.error(java.lang.String, java.lang.Object)' when
dependency uses Slf4j API</li>
</ul>
<h3>JavaScript</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-60785"><code>KT-60785</code></a>
KJS: Destructured value class in suspend function fails with Uncaught
TypeError: can't convert to primitive type error</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63207"><code>KT-63207</code></a>
KMP / JS: "TypeError: <!-- raw HTML omitted --> is not a
function" with 1.9.20</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62778"><code>KT-62778</code></a>
package.json "main" field has .js extension when the result
files have .mjs extension</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-61795"><code>KT-61795</code></a>
KJS: Incremental Cache is not invalidated if <code>useEsClasses</code>
compiler argument was changed</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-61957"><code>KT-61957</code></a>
KJS: "Uncaught ReferenceError: entries is not defined" caused
by enum class with <code>@JsExport</code> and Enum.entries call</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62444"><code>KT-62444</code></a>
KJS with commonJS modules should re-export in 1.9.20</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63184"><code>KT-63184</code></a>
KJS / Serialization: JsExport on serializable interface creates
erroneous TypeScript</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62190"><code>KT-62190</code></a>
KJS: "IllegalStateException: Expect to have either super call or
partial linkage stub inside constructor" caused by Compose and
useEsModules()</li>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-58685"><code>KT-58685</code></a>
KJS: "IllegalStateException: Not locked" cused by
"unlock" called twice</li>
</ul>
<h3>Klibs</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-62515"><code>KT-62515</code></a>
Interop klib of concurrent version is not accepted when building
dependent project: "The library versions don't match"</li>
</ul>
<h3>Tools. CLI</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63139"><code>KT-63139</code></a>
Incorrect kotlin implementation version (1.9.255-SNAPSHOT) in metadata
info</li>
</ul>
<h3>Tools. Gradle</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63499"><code>KT-63499</code></a>
Gradle: Source sets conventions are still registered</li>
</ul>
<h3>Tools. Gradle. JS</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-59523"><code>KT-59523</code></a>
MPP / KJS: ESM modules uses incorrect file extension on package.json
(.mjs)</li>
</ul>
<h3>Tools. Gradle. Kapt</h3>
<ul>
<li><a
href="https://youtrack.jetbrains.com/issue/KT-63366"><code>KT-63366</code></a>
Kapt processing fails with custom source sets</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b2740d8957"><code>b2740d8</code></a>
Add changelog for 1.9.21</li>
<li><a
href="5d6520c9fb"><code>5d6520c</code></a>
[K/JS] Fix coroutines but turn back the fix for coroutines intrinsics
`interc...</li>
<li><a
href="8293c8f538"><code>8293c8f</code></a>
KAPT: Use reflection to access code, changed in JDK 21</li>
<li><a
href="e459a6d5d2"><code>e459a6d</code></a>
KAPT: Always print parens on empty annotation parameters</li>
<li><a
href="705c8047ae"><code>705c804</code></a>
KAPT: Run tests on JDK 21</li>
<li><a
href="120c99d455"><code>120c99d</code></a>
Fix ClassCastException in JPS statistics ad update log messages</li>
<li><a
href="68f26183f8"><code>68f2618</code></a>
Fix ClassCastException in JPS statistics ad update log messages</li>
<li><a
href="c66b789f93"><code>c66b789</code></a>
KAPT3: Use another class in com.sun.tools.javac.main</li>
<li><a
href="d4ce8c7262"><code>d4ce8c7</code></a>
Temporarily disable Kapt4IT and KaptIncrementalIT and the
descendants.</li>
<li><a
href="f559dd55ab"><code>f559dd5</code></a>
Stop using IJ's maps in graph implementation of JPS</li>
<li>Additional commits viewable in <a
href="https://github.com/JetBrains/kotlin/compare/v1.9.20...v1.9.21">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Previously, there was a misinterpretation of the spec that didn't allow
_different_ clients to use the same channel number. This is wrong
though. Because channel numbers are managed by clients, they must be
unique _per client_. This patch addresses this short-coming.
I didn't include any dedicated tests for this. The fact that the
existing ones still work means the feature is overall working and the
data structure shows that the channels are now indeed unique per client.
Trying to get CI/CD to produce firezone-windows-client.exe. Can't
remember if I need both a PR and a draft release or just the draft
release for that.
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
In some cases we were obvserving that connections between clients and
gateways couldn't be established.
This happened even when candidates where being found on both ends.
This usually was obvserved when ipv6 isn't working on the relays and
it's still used as one of the viable candidates.
To reproduce this more easily I created an iface with 50 ips using this
script:
```bash
#!/bin/bash
# Generate 10 IPv6 addresses
for i in {1..10}
do
for j in {1..5}
do
# Generate a random IPv6 address
ipv6_address=$(openssl rand -hex 5 | sed 's/\(..\)/\1:/g; s/.$//' | awk '{print "fd00::"$1}')
# Add IPv6 address to lo0
sudo ifconfig lo0 inet6 alias $ipv6_address
echo "Added IPv6 address $ipv6_address to lo0"
done
done
```
This behavior was almost consistently obvserved, as it depended on the
order candidates were used.
I tried modifying timeouts and the limits to channel binding requests
that are internal to webrtc but the connections were still not
consistent, the only thing that worked was limiting the number of host
candidates.
This is okay since even if we can't stablish the local connection (no
hairpin nat) relayed connection will still happen.
But this is not a good long-term solution. In the future we should be
smarter how we sort and ping candidates, prioritizing srflx to srflx or
srflx to relay and leave host candidates for last. Will be easier to
improve on after refactoring webrtc out.
There is another channel which we didn't yet increase in size, the one
between the allocation and the main task loop. Increasing to 1000 means
each allocation can potentially buffer 65MB of data. With the biggest
port range (16383 allocations), that would be a theoretical memory
consumption of ~ 1TB. But, this would imply that we have 16383 connected
clients that all send data at max speed, saturating our downlink and our
uplink is somehow ridiculously small. As long as up and downlink are
roughly within the same ballpark figure, it should be impossible to
actually fill up these buffers.
I suspect that the current packet drops of the iperf test are happening
because on localhost, sending 10 UDP packets is so quick that a tokio is
unable to wake up the task in time to empty the queue.
In addition to the increased channel size, I've also added a check for
the other channels to avoid writing to them in case they are not ready
for some reason.
---------
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Yesterday, during some portion of the day connections between clients
and resources were impossible.
While I couldn't pinpoint the exact cause I found some issues with
cleanup. This PR fixes those.
Furthermore, I increased the default log level for tunnels in the
clients so that if this happens again we have better logs to triage.
~~Furthermore, I found out about #2705 so, I removed the limit of relays
from connlib since the portal already limits it to 2 (4 if you count
per-ip), that way we make sure that we always use both ipv4 and ipv6.
The connection start up time seems to slow down due to this but I think
this is better. We might want to go to only 2 urls again later on to
speed this up, if the portal can ensure it's a working relay
load-balanced relay there might not be a point in using more than a
single server~~. cc @AndrewDryga
Edit: we always get an ipv4 and ipv6 address for the same relay as the
first two relays in the relay list, save the case where only one of the
ip types is supported. We should be safe limiting it to 2.
---------
Signed-off-by: Gabi <gabrielalejandro7@gmail.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
This PR started as part of a degradation in performance for the
gateways.
The way to test performance in a realistic enviroment is using a GCP vm
as a client and an AWS vm as a gateway with a single iperf server behind
the gateway.
Then the `iperf` results with current main:
```
Connecting to host 172.31.92.238, port 5201
Reverse mode, remote host 172.31.92.238 is sending
[ 5] local 100.83.194.77 port 58426 connected to 172.31.92.238 port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-1.00 sec 1.01 MBytes 8.50 Mbits/sec
[ 5] 1.00-2.00 sec 1.14 MBytes 9.59 Mbits/sec
[ 5] 2.00-3.00 sec 699 KBytes 5.73 Mbits/sec
[ 5] 3.00-4.00 sec 1.11 MBytes 9.31 Mbits/sec
[ 5] 4.00-5.00 sec 664 KBytes 5.44 Mbits/sec
[ 5] 5.00-6.00 sec 591 KBytes 4.84 Mbits/sec
[ 5] 6.00-7.00 sec 722 KBytes 5.91 Mbits/sec
[ 5] 7.00-8.00 sec 833 KBytes 6.83 Mbits/sec
[ 5] 8.00-9.00 sec 738 KBytes 6.04 Mbits/sec
[ 5] 9.00-10.00 sec 836 KBytes 6.85 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-10.06 sec 8.78 MBytes 7.32 Mbits/sec 3 sender
[ 5] 0.00-10.00 sec 8.23 MBytes 6.90 Mbits/sec receiver
iperf Done.
```
Most of the performance problems were due to using SCTP and DTLS.
So I created a
[fork](https://github.com/firezone/webrtc/tree/expose-new-endpoint) of
webrtc that let us circumvent those, since we don't need them because we
are depending on wireguard for encryption.
With those changes much better throughput is achieved:
```
gabriel@cloudshell:~ (firezone-personal-instances)$ iperf3 -R -c 172.31.92.238
Connecting to host 172.31.92.238, port 5201
Reverse mode, remote host 172.31.92.238 is sending
[ 5] local 100.83.194.77 port 51206 connected to 172.31.92.238 port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-1.00 sec 5.60 MBytes 47.0 Mbits/sec
[ 5] 1.00-2.00 sec 17.2 MBytes 144 Mbits/sec
[ 5] 2.00-3.00 sec 15.8 MBytes 132 Mbits/sec
[ 5] 3.00-4.00 sec 14.8 MBytes 125 Mbits/sec
[ 5] 4.00-5.00 sec 15.9 MBytes 133 Mbits/sec
[ 5] 5.00-6.00 sec 15.8 MBytes 133 Mbits/sec
[ 5] 6.00-7.00 sec 15.3 MBytes 128 Mbits/sec
[ 5] 7.00-8.00 sec 15.6 MBytes 131 Mbits/sec
[ 5] 8.00-9.00 sec 15.6 MBytes 131 Mbits/sec
[ 5] 9.00-10.00 sec 16.0 MBytes 134 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-10.05 sec 151 MBytes 126 Mbits/sec 74 sender
[ 5] 0.00-10.00 sec 148 MBytes 124 Mbits/sec receiver
iperf Done
```
However, this is still worse than it was achieved with a previous
commit(`21afdf0a9a113c996d60a63b2e8c8f32d3aeb87`):
```
gabriel@cloudshell:~ (firezone-personal-instances)$ iperf3 -R -c 172.31.92.238
Connecting to host 172.31.92.238, port 5201
Reverse mode, remote host 172.31.92.238 is sending
[ 5] local 100.100.68.41 port 49762 connected to 172.31.92.238 port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-1.00 sec 6.14 MBytes 51.5 Mbits/sec
[ 5] 1.00-2.00 sec 17.1 MBytes 144 Mbits/sec
[ 5] 2.00-3.00 sec 22.8 MBytes 191 Mbits/sec
[ 5] 3.00-4.00 sec 23.5 MBytes 197 Mbits/sec
[ 5] 4.00-5.00 sec 23.0 MBytes 193 Mbits/sec
[ 5] 5.00-6.00 sec 22.1 MBytes 185 Mbits/sec
[ 5] 6.00-7.00 sec 23.0 MBytes 193 Mbits/sec
[ 5] 7.00-8.00 sec 22.7 MBytes 190 Mbits/sec
[ 5] 8.00-9.00 sec 21.0 MBytes 176 Mbits/sec
[ 5] 9.00-10.00 sec 19.9 MBytes 167 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-10.05 sec 204 MBytes 170 Mbits/sec 127 sender
[ 5] 0.00-10.00 sec 201 MBytes 169 Mbits/sec receiver
```
My profiling suggested that this is due to reading/writing packets
happening in its own dedicated tasks. So much so that maybe in the
future we should even consider spawning their own dedicated runtime so
that those loops have a dedicated OS thread.
Also, probably using a multi-queue interface will give us huge gains if
we have a dedicated task for each queue(currently the interface is
started as a multi-queue but a single file descriptor is used) for
handling multiple concurrent clients.
However, the changes proposed in this PR are good enough for now as long
as performance don't degrade.
In that line I will create a CI that reports the throughput using the
local `docker-compose.yml` file that we should always check before
merging, that is not the be all end all of the performance story but for
smaller PRs the correlation to real world throughput should be enough.
For bigger PRs we should manually test before merging for now, until we
have a way in CI to spin up some realistic tests(note that vms should be
in separate cloud enviroments, the same-cloud links are so reliable that
we miss actual performance degradation due to dropped packets). On this
note I'll write a small manual on how to conduct those tests with full
current results that we should use always before merging new PRs that
affect the hot-path. cc @thomaseizinger
Finally, when testing these changes I found some flakiness regarding the
re-connection path. So I changed things so that we cleanup connections
only using wireguard's error(connection expiration). This is quite slow
for now (~120 seconds) but in the future we can issue an ice restart
each time wireguard keepalive expires(rekey timeout) so that we can
restart connection each ~30 seconds and we can reduce the keepalive time
out from the portal to accelerate it even more. And in the future we can
get smarter about it.
---------
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [env_logger](https://github.com/rust-cli/env_logger) from 0.10.0
to 0.10.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md">env_logger's
changelog</a>.</em></p>
<blockquote>
<h2>[0.10.1] - 2023-11-10</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="36623f573b"><code>36623f5</code></a>
chore: Release env_logger version 0.10.1</li>
<li><a
href="8a033d8438"><code>8a033d8</code></a>
chore: Fix packaging</li>
<li><a
href="9df7e6c081"><code>9df7e6c</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-cli/env_logger/issues/241">#241</a>
from ChrisDenton/simple-insert</li>
<li><a
href="46ccdd94f5"><code>46ccdd9</code></a>
perf: Replace <code>HashMap</code> with a <code>Vec</code></li>
<li><a
href="bdc96a421f"><code>bdc96a4</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-cli/env_logger/issues/249">#249</a>
from atouchet/v10</li>
<li><a
href="983837c47b"><code>983837c</code></a>
Update links and remove broken badge</li>
<li><a
href="dcd220dfaf"><code>dcd220d</code></a>
Update listed version number</li>
<li><a
href="36b1508ea1"><code>36b1508</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-cli/env_logger/issues/260">#260</a>
from y-yagi/2018-edition</li>
<li><a
href="6f64347c6a"><code>6f64347</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-cli/env_logger/issues/282">#282</a>
from epage/syntax</li>
<li><a
href="b29735781a"><code>b297357</code></a>
chore: Update docs and examples to 2018 edition</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-cli/env_logger/compare/v0.10.0...v0.10.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
Bumps [proptest](https://github.com/proptest-rs/proptest) from 1.3.1 to
1.4.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="63ef67c71f"><code>63ef67c</code></a>
[Release] 1.4.0 : adds missing changelog entries (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/397">#397</a>)</li>
<li><a
href="3d40220e74"><code>3d40220</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/393">#393</a>
from tzemanovic/tomas/compile-fail-must-be-debug</li>
<li><a
href="a9123f3eda"><code>a9123f3</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/389">#389</a>
from proptest-rs/tomas/nightly-coroutine-trait</li>
<li><a
href="0a1ba017f8"><code>0a1ba01</code></a>
fix 🤷</li>
<li><a
href="5e17be759b"><code>5e17be7</code></a>
fix nightly build (re: <a
href="https://redirect.github.com/rust-lang/rust/pull/116958">rust-lang/rust#116958</a>)</li>
<li><a
href="6f534cb228"><code>6f534cb</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/377">#377</a>
from sameer/master</li>
<li><a
href="d6f95d46e7"><code>d6f95d4</code></a>
Update compiletest_rs requirement from 0.9 to 0.10 (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/383">#383</a>)</li>
<li><a
href="8b0670379b"><code>8b06703</code></a>
Update regex-syntax requirement from 0.7 to 0.8 (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/386">#386</a>)</li>
<li><a
href="f8c489d42b"><code>f8c489d</code></a>
Update message-io requirement from 0.17.0 to 0.18.0 (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/384">#384</a>)</li>
<li><a
href="539bd55416"><code>539bd55</code></a>
Enable Dependabot (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/380">#380</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/proptest-rs/proptest/compare/v1.3.1...v1.4.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
We encapsulate the internals of `Device` by providing high-level
functions on `Device` itself and make all the fields private. From the
outside, each consumer this only has an `Arc<Device>` that they can
interact with.
To achieve this, we use the `arc-swap` crate to atomically swap out the
reference to the `Arc<Device>` instead of relying on an `RwLock`. Note
that the _reference_ to this `ArcSwapOption` is also wrapped in an `Arc`
because we need to share this pointer across many `peer_handler`s.
Once we get rid of `Arc<Tunnel>`, this will become a lot simpler.
Bumps [domain](https://github.com/nlnetlabs/domain) from 0.9.0 to 0.9.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nlnetlabs/domain/releases">domain's
releases</a>.</em></p>
<blockquote>
<h2>0.9.1</h2>
<p>Bug fixes</p>
<ul>
<li>Added missing <code>?Sized</code> bounds to the octets type for
parsing <code>ZoneRecordData</code> and <code>UnknownRecordData</code>.
(<a
href="https://redirect.github.com/nlnetlabs/domain/issues/237">#237</a>
by [<a href="https://github.com/hunts"><code>@hunts</code></a>])</li>
</ul>
<p><a
href="https://redirect.github.com/nlnetlabs/domain/issues/237">#237</a>:
<a
href="https://redirect.github.com/NLnetLabs/domain/pull/237">NLnetLabs/domain#237</a>
[<a href="https://github.com/hunts"><code>@hunts</code></a>]: <a
href="https://github.com/hunts">https://github.com/hunts</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/NLnetLabs/domain/blob/main/Changelog.md">domain's
changelog</a>.</em></p>
<blockquote>
<h2>0.9.1</h2>
<p>Released 2023-10-27.</p>
<p>Bug fixes</p>
<ul>
<li>Added missing <code>?Sized</code> bounds to the octets type for
parsing
<code>ZoneRecordData</code> and <code>UnknownRecordData</code>. (<a
href="https://redirect.github.com/nlnetlabs/domain/issues/237">#237</a>
by [<a href="https://github.com/hunts"><code>@hunts</code></a>])</li>
</ul>
<p><a
href="https://redirect.github.com/nlnetlabs/domain/issues/237">#237</a>:
<a
href="https://redirect.github.com/NLnetLabs/domain/pull/237">NLnetLabs/domain#237</a>
[<a href="https://github.com/hunts"><code>@hunts</code></a>]: <a
href="https://github.com/hunts">https://github.com/hunts</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="819bf1b22b"><code>819bf1b</code></a>
Release 0.9.1. (<a
href="https://redirect.github.com/nlnetlabs/domain/issues/239">#239</a>)</li>
<li><a
href="2a6076f061"><code>2a6076f</code></a>
Update changelog.</li>
<li><a
href="821b509762"><code>821b509</code></a>
Support unsized octets in parsing ZoneRecordData and UnknownRecordData
(<a
href="https://redirect.github.com/nlnetlabs/domain/issues/237">#237</a>)</li>
<li><a
href="c20176b773"><code>c20176b</code></a>
Bump version.</li>
<li>See full diff in <a
href="https://github.com/nlnetlabs/domain/compare/v0.9.0...v0.9.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [tokio-util](https://github.com/tokio-rs/tokio) from 0.7.9 to
0.7.10.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/tokio-rs/tokio/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.107 to
1.0.108.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/json/releases">serde_json's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.108</h2>
<ul>
<li>Documentation improvements (<a
href="https://redirect.github.com/serde-rs/json/issues/1075">#1075</a>,
<a
href="https://redirect.github.com/serde-rs/json/issues/1081">#1081</a>,
<a
href="https://redirect.github.com/serde-rs/json/issues/1082">#1082</a>,
thanks <a href="https://github.com/dimo414"><code>@dimo414</code></a>
and <a
href="https://github.com/fritzrehde"><code>@fritzrehde</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4bc1eaa03a"><code>4bc1eaa</code></a>
Release 1.0.108</li>
<li><a
href="1454eac069"><code>1454eac</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1082">#1082</a>
from dtolnay/fromdoc</li>
<li><a
href="0f072fad73"><code>0f072fa</code></a>
Improve Value From and FromIterator docs</li>
<li><a
href="a8e6f75a9b"><code>a8e6f75</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1081">#1081</a>
from fritzrehde/master</li>
<li><a
href="ebaf61709a"><code>ebaf617</code></a>
fixed typos</li>
<li><a
href="f56053d6f8"><code>f56053d</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1080">#1080</a>
from serde-rs/negativenan</li>
<li><a
href="4e091d5d6d"><code>4e091d5</code></a>
Add test of negative NaN and negative infinity</li>
<li><a
href="421a70d1a6"><code>421a70d</code></a>
Fix unused imports</li>
<li><a
href="39f5ad1534"><code>39f5ad1</code></a>
Remove 'remember to update' reminder from Cargo.toml</li>
<li><a
href="5bb696029d"><code>5bb6960</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1075">#1075</a>
from dimo414/master</li>
<li>Additional commits viewable in <a
href="https://github.com/serde-rs/json/compare/v1.0.107...v1.0.108">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [futures-bounded](https://github.com/libp2p/rust-libp2p) from
0.2.0 to 0.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/libp2p/rust-libp2p/releases">futures-bounded's
releases</a>.</em></p>
<blockquote>
<h2>libp2p-v0.53.0</h2>
<p>The most ergonomic version of rust-libp2p yet!</p>
<p>We've been busy again, with over <a
href="https://github.com/libp2p/rust-libp2p/compare/libp2p-v0.52.0...master">250</a>
PRs being merged into <code>master</code> since <code>v0.52.0</code>
(excluding dependency updates).</p>
<h2>Backwards-compatible features</h2>
<p>Numerous improvements landed as patch releases since the
<code>v0.52.0</code> release, for example a new, type-safe <a
href="https://redirect.github.com/libp2p/rust-libp2p/pull/4120"><code>SwarmBuilder</code></a>
that also encompasses the most common transport protocols:</p>
<pre lang="rust"><code>let mut swarm =
libp2p::SwarmBuilder::with_new_identity()
.with_tokio()
.with_tcp(
tcp::Config::default().port_reuse(true).nodelay(true),
noise::Config::new,
yamux::Config::default,
)?
.with_quic()
.with_dns()?
.with_relay_client(noise::Config::new, yamux::Config::default)?
.with_behaviour(|keypair, relay_client| Behaviour {
relay_client,
ping: ping::Behaviour::default(),
dcutr: dcutr::Behaviour::new(keypair.public().to_peer_id()),
})?
.build();
</code></pre>
<p>The new builder makes heavy use of the type-system to guide you
towards a correct composition of all transports. For example, it is
important to compose the DNS transport as a wrapper around all other
transports but before the relay transport. Luckily, you no longer need
to worry about these details as the builder takes care of that for you!
Have a look yourself if you dare <a
href="https://github.com/libp2p/rust-libp2p/tree/master/libp2p/src/builder">here</a>
but be warned, the internals are a bit wild :)</p>
<p>Some more features that we were able to ship in <code>v0.52.X</code>
patch-releases include:</p>
<ul>
<li><a
href="https://redirect.github.com/libp2p/rust-libp2p/pull/4325">stable
QUIC implementation</a></li>
<li>for rust-libp2p compiled to WASM running in the browser
<ul>
<li><a
href="https://redirect.github.com/libp2p/rust-libp2p/pull/4015">WebTransport
support</a></li>
<li><a
href="https://redirect.github.com/libp2p/rust-libp2p/pull/4248">WebRTC
support</a></li>
</ul>
</li>
<li><a
href="https://redirect.github.com/libp2p/rust-libp2p/pull/4156">UPnP
implementation to automatically configure port-forwarding with ones
gateway</a></li>
<li><a
href="https://redirect.github.com/libp2p/rust-libp2p/pull/4281">option
to limit connections based on available memory</a></li>
</ul>
<p>We always try to ship as many features as possible in a
backwards-compatible way to get them to you faster. Often times, these
come with deprecations to give you a heads-up about what will change in
a future version. We advise updating to each intermediate version rather
than skipping directly to the most recent one, to avoid missing any
crucial deprecation warnings. We highly recommend you stay up-to-date
with the latest version to make upgrades as smooth as possible.</p>
<p>Some improvments we unfortunately cannot ship in a way that Rust
considers a non-breaking change but with every release, we attempt to
smoothen the way for future upgrades.</p>
<h2><code>#[non_exhaustive]</code> on key enums</h2>
<p>We've identified that adding a new "message" to the
<code>ToSwarm</code> enum is a common cause for breaking changes. This
enum is used by plugins (i.e. <code>NetworkBehaviour</code>s) to
communicate with the <code>Swarm</code>. Similarly, the
<code>FromSwarm</code> enum is used to inform plugins about state
changes. By adding <code>#[non_exhaustive]</code> to these and other
enums we enable future additions to be non-breaking changes.</p>
<p>For example, <a
href="https://redirect.github.com/libp2p/rust-libp2p/issues/4302">we
plan</a> to allow <code>NetworkBehaviour</code>s to share addresses of
peers they've discovered with each other. Previously, we had to queue
this feature until the next breaking change whereas now, we can simply
ship it as soon as it is ready!</p>
<p>Thanks to <a
href="https://github.com/dhuseby"><code>@dhuseby</code></a> for getting
the ball rolling on this one. See <a
href="https://redirect.github.com/libp2p/rust-libp2p/pull/4581">PR
4581</a> for details.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="74e315719c"><code>74e3157</code></a>
chore: prepare v0.53.0</li>
<li><a
href="402212cf79"><code>402212c</code></a>
fix(swarm): implement <code>ConnectionHandler::poll_close</code> for
combinators</li>
<li><a
href="32c945ccc0"><code>32c945c</code></a>
chore: add changelog entry of backport</li>
<li><a
href="0ef6feb397"><code>0ef6feb</code></a>
feat(swarm): don't have <code>ConnectionHandler</code>s close
connections</li>
<li><a
href="e6905fe5c0"><code>e6905fe</code></a>
deps: migrate to <code>hickory-dns</code></li>
<li><a
href="a428ffdb7d"><code>a428ffd</code></a>
feat(swarm): add <code>#[non_exhaustive]</code> to key enums</li>
<li><a
href="e2e9179fd7"><code>e2e9179</code></a>
feat: introduce tracing</li>
<li><a
href="fab920500d"><code>fab9205</code></a>
feat(core): remove <code>upgrade::transfer</code> module</li>
<li><a
href="d05d836159"><code>d05d836</code></a>
refactor(autonat): use <code>quick-protobuf-codec</code></li>
<li><a
href="ac2848866a"><code>ac28488</code></a>
fix(relay): close stream once done sending</li>
<li>Additional commits viewable in <a
href="https://github.com/libp2p/rust-libp2p/compare/v0.2.0...futures-bounded-v0.2.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.6 to 4.4.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.4.7] - 2023-10-24</h2>
<h3>Performance</h3>
<ul>
<li>Reduced code size</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9bfa5a338c"><code>9bfa5a3</code></a>
chore: Release</li>
<li><a
href="38b5a2f956"><code>38b5a2f</code></a>
chore: Release</li>
<li><a
href="e485448b89"><code>e485448</code></a>
docs: Update changelog</li>
<li><a
href="f801a03c1b"><code>f801a03</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5181">#5181</a>
from alexcrichton/smaller-is-number</li>
<li><a
href="9a9aabc178"><code>9a9aabc</code></a>
refactor: Reduce code size of testing tokens if they're a number</li>
<li><a
href="1b84314fb4"><code>1b84314</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5176">#5176</a>
from epage/dep</li>
<li><a
href="dcced5ae6a"><code>dcced5a</code></a>
chore: Bump completest</li>
<li><a
href="f4319bcbf2"><code>f4319bc</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5174">#5174</a>
from kpreid/patch-1</li>
<li><a
href="71c1e59334"><code>71c1e59</code></a>
docs: Fix doc link to <code>Arg::trailing_var_arg</code></li>
<li><a
href="deebc1f91d"><code>deebc1f</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5172">#5172</a>
from epage/style</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/v4.4.6...v4.4.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
